Lessons from the Marks & Spencer Data Breach

12th December 2025, 9:40 am

I heard a radio advert encouraging Marks & Spencer customers to join a class action compensation claim following a confirmed data breach. That blew my mind, not just because of the breach itself, which everyone knows about, but because I realised this will rapidly become a trend, the “norm”.

For businesses, this has to be a wake-up call. Cybersecurity is no longer a “nice to have” (we already know that); it’s a fundamental business requirement, and so is appropriate insurance. The consequences of neglecting it are just too severe.

Financial Impact: Beyond regulatory fines under GDPR, class action lawsuits can cost millions. Even smaller businesses are not immune here.

Reputational Damage: Customers lose trust quickly when their personal data is compromised. Rebuilding that trust can take years.

Operational Disruption: Breaches often lead to downtime, lost productivity, and expensive remediation efforts.

Why This Really Does Matter for Every Business

Cybercrime is evolving fast. Attackers target businesses of all sizes, exploiting weak points like outdated systems, poor email security, and lack of employee training. The reality is scary: if you store data, you’re a target.

Work with Security-Focused MSPs

This is where good Managed Service Providers (MSPs) with a security-first approach come in. They can provide the right mix of security solutions and training, tailored around your business, and have skills your team might not.

What’s the point?

Cybersecurity isn’t just about the technology – it’s about protecting your customers, your reputation, and your future. The Marks & Spencer case is just one of the many high-profile examples: if you don’t invest in security now and get it right, you’ll pay for it later, financially and reputationally.
Partnering with a security-focused MSP ensures you have the right expertise and tools to stay ahead of threats. In today’s landscape, that’s not optional, it’s essential.

To help businesses work out what a good MSP looks like, the NCSC released a great user-friendly guide last week aimed at showing you what to look for. It’s well worth a read, so I’ve linked it below.

https://lnkd.in/eStHjng2

We work in line with the NCSC and we’re a certification body for the Cyber Essentials and Cyber Assurance schemes, so we are well qualified to support our current and future clients on this journey.

So do some reading and make sure whoever you are working with is able to do the same. Whatever you do, do something if you are not convinced you are secure.
